Should casual users avoid the Satoshi client?

[cbeast]

With the blockchain bloating, I'm concerned about people that created wallets with the Satoshi client to purchase bitcoins and then just made backups of the wallet file. If they don't access the wallet file for many years, how will they load the wallet again if the blockchain swells? Should they be warned against using this client for long term storage?

[btcven]

AFAIK wallet.dat files can be imported to some bitcoin clients.

I don't recommend Bitcoin-qt to new users due to the non instant access.

[jgarzik]

With the blockchain bloating, I'm concerned about people that created wallets with the Satoshi client to purchase bitcoins and then just made backups of the wallet file. If they don't access the wallet file for many years, how will they load the wallet again if the blockchain swells? Should they be warned against using this client for long term storage?

One would think, if you want long term storage, the Satoshi client would be the best choice (or perhaps Armory, which uses the Satoshi client).  For long term storage you can afford to wait for network sync.

If you want lower security with instant access, one can use a web wallet.  But move your bitcoins off a centralized website as soon as possible...

[Zomdifros]

I recommend the Blockchain wallet to new users. It's much more user friendly, has more features, looks better and is safer to due the option of using two-factor authentication and automated backups. I regard the Satoshi client as something for enthusiasts.

[jerfelix]

With the blockchain bloating, I'm concerned about people that created wallets with the Satoshi client to purchase bitcoins and then just made backups of the wallet file. If they don't access the wallet file for many years, how will they load the wallet again if the blockchain swells? Should they be warned against using this client for long term storage?

One would think, if you want long term storage, the Satoshi client would be the best choice (or perhaps Armory, which uses the Satoshi client).  For long term storage you can afford to wait for network sync.

If you want lower security with instant access, one can use a web wallet.  But move your bitcoins off a centralized website as soon as possible...

For "long term storage", I'd recommend a paper wallet from bitaddress.org.

[Gavin Andresen]

I think casual users should avoid the Satoshi client. Gigabytes of blockchain data is not user-friendly, and we've done a lousy job of making it hard for users to lose their keys.

I think the something like the blockchain.info web wallet or Electrum is a good choice for long-term storage; you keep control over your private keys, and are exposed to possible theft risk only when you make a transaction (because a hacked blockchain.info could feed you evil Javascript, or a hacked Electrum download server could feed you an evil executable).  The chances that you will be one of the first customers who make a transaction after they were hacked, before they took their site offline to recover from the hack, are pretty small if you are only making a couple of transactions per month.

I'm also assuming that a casual user isn't storing thousands of bitcoins. I don't think we have great solutions for casual users with thousands of bitcoins yet (I consider paper wallets a fair solution, not a great one).

[HorseRider]

I consider paper wallets a fair solution, not a great one.

I feel interested. I will research into this, thank you. Anyone can tell me where I can find the best practice for the paper wallets?  The slow blockchain download process has already cost me 1 BTC fine interest.

I have bought a 200 usd computer with a Atom CPU and 500GB hard drive to serve as a dedicate computer for the armory online client. I will kept the computer running 24/7. Is there anyone else who do the same as me?

[hazek]

(because a hacked blockchain.info could feed you evil Javascript,...

Their browser addon eliminates that risk, no?

[Gabi]

The problem about the satoshi client is that it is NOT newbie friendly. It forces you to download 6GB or more of blockchain and then have an interface wich is not exactly friendly

[kokojie]

(because a hacked blockchain.info could feed you evil Javascript,...

Their browser addon eliminates that risk, no?

yes, but not everyone uses it.

[casascius]

Paper wallets are great because they are an extension of the base classes "TangibleObject" and "PieceOfPaper" (two objects that enjoy high compatibility with human minds) while adding the ability to store bitcoins at a very low cost.

With BIP38 two-factor paper wallets, one can enjoy encrypted paper wallets without having to produce them themselves, but also without any risk that the person who produced them will be able to steal their funds.  This creates a lot of possibilities for secure storage that are also grandma-compatible.  Anyone who can operate a copy machine or a ballpoint pen can confidently secure their own bitcoins against snooping, fire, theft, and even their own mortality, without much difficulty.

If they're good enough for Paris Hilton to store her bitcoins, they're good enough for anybody!

[Zomdifros]

(because a hacked blockchain.info could feed you evil Javascript,...

Their browser addon eliminates that risk, no?

yes, but not everyone uses it.

There is still the risk on blockchain.info that you have a keylogger on your computer and your backup file gets stolen. The ultimate solution will be a bitcoin account which is insured by your bank, like normal bank accounts.

[TheButterZone]

Paper wallets are great because they are an extension of the base classes "TangibleObject" and "PieceOfPaper" (two objects that enjoy high compatibility with human minds) while adding the ability to store bitcoins at a very low cost.

With BIP38 two-factor paper wallets, one can enjoy encrypted paper wallets without having to produce them themselves, but also without any risk that the person who produced them will be able to steal their funds.  This creates a lot of possibilities for secure storage that are also grandma-compatible.  Anyone who can operate a copy machine or a ballpoint pen can confidently secure their own bitcoins against snooping, fire, theft, and even their own mortality, without much difficulty.

If they're good enough for Paris Hilton to store her bitcoins, they're good enough for anybody!

Have to agree. I use an offline copy of the brainwallet.org GitHub source and don't have tons of addresses to manage. I suppose if I did, I would want serious software, but not care as much about bloat as grandma, because at that point I would be using more advanced features anyway.

[CurbsideProphet]

(because a hacked blockchain.info could feed you evil Javascript,...

Their browser addon eliminates that risk, no?

yes, but not everyone uses it.

There is still the risk on blockchain.info that you have a keylogger on your computer and your backup file gets stolen. The ultimate solution will be a bitcoin account which is insured by your bank, like normal bank accounts.

I highly suggest using two factor authentication.  This greatly diminishes the chances of your account being hacked and is available from Blockchain.info (amongst other sites).  As many have suggested, I use the Blockchain wallet for day to day transactions and a paper wallet for "savings."  I have no patience to download the blockchain and keep it constantly synced.

[sunnankar]

I think the something like the blockchain.info web wallet or Electrum is a good choice for long-term storage; you keep control over your private keys, and are exposed to possible theft risk only when you make a transaction

In the Free Bitcoin Guide I recommend Blockchain.info for casual use and for offline I show people step-by-steo how to download the source for bitaddress.org and brainwallet.org. Then they can create paper wallets and transactions completely offline.

Anyone have any suggestions on how to improve those suggestions for the new users? I want to increase the conversion rate of people interested in bitcoin to those who actually buy some bitcoins and then use them for an actual trade transaction.

[dave111223]

Personally I went through all the clients (Bitcoin-qt, Armory, Multibits, etc..) and ended up with Electrum...let someone else worry about the 6GB+ blockchain.

[tvbcof]

I consider paper wallets a fair solution, not a great one.

I feel interested. I will research into this, thank you. Anyone can tell me where I can find the best practice for the paper wallets?  The slow blockchain download process has already cost me 1 BTC fine interest.

I have bought a 200 usd computer with a Atom CPU and 500GB hard drive to serve as a dedicate computer for the armory online client. I will kept the computer running 24/7. Is there anyone else who do the same as me?

I used to run bitcoind  on my Soekris based router under FreeBSD which simplified packet filtering and such.  For doing cold storage work I used my workstation (also FreeBSD.)  I stopped running both regularly in late 2011 when I stopped doing transactions and just use some coins I put in Instawallet since then.  But I've only found occasion to do half a dozen transactions or so.

Just recently I wanted to pull and test one of my deep storage wallets so I fired up the old build on my workstation and let it sync up (for the better part of a week.)

If I run bitcoind permanently going forward I'll probably use a semi-dedicated headless machine which uses as little power as I can get away with...trying to project as best I can into the near future for sizing purposes.  Else I'll bring up an instance in one of the clouds for that duty, but I'll not put any significant value in a client running in a cloud.

Once I confirm that I can re-claim my deep storage, I'll probably archive my binaries and data, then try to build a newer version of bitcoind which will hopefully perform a little more efficiently.  Then ensure that my old wallets work with it.

[Mike Hearn]

If your wallet hasn't changed since you saved it, you don't need to wait for the block chain to sync. You can just spend the coins immediately. So your scenario isn't really an issue.

[casascius]

With an unencrypted wallet, your coins can be extracted with a hex editor.  It is super easy, and no big deal if bitcoind can't read it.

If you encrypt the wallet, then it becomes a bit harder, but not by much (assuming you know the paraphrase)

[tvbcof]

If your wallet hasn't changed since you saved it, you don't need to wait for the block chain to sync. You can just spend the coins immediately. So your scenario isn't really an issue.

Thanks for the note.  I actually had not thought much about it, but it makes pretty good sense that things could potentially work this way.   Without knowing the code well, it seems conceivable that the client would have trouble performing some operations unless it felt it was up-to-date enough (blockchain-wise) to validate one thing or another or optimize aggregation or whatever.  All of my hands-on work to date has been under an up-to-date bitcoind.

With an unencrypted wallet, your coins can be extracted with a hex editor.  It is super easy, and no big deal if bitcoind can't read it.

If you encrypt the wallet, then it becomes a bit harder, but not by much (assuming you know the paraphrase)

I've never used the native wallet encryption of Bitcoin, but of course I use my own.  My encrypted wallets are in the public domain, but the passphrases to them are in one of my safe deposit boxes.  That aside...

I presume that by 'coins' you mean the secret key can be extracted.  I don't doubt it, and I expect that it would be reasonably easy (though perhaps tedious) to figure out which key in the wallet had value associated.

What I've not run across are surgery techniques required to make use of the secret key in order to re-claim value in a safe manner.  That is, how practical would it be to graft the key into the wallet files (or whatever) of various alternate clients and so on.  Perhaps they tend to have some sort of 'import' feature these days?  Last time I actually worked with Bitcoin it was unpleasant enough to manipulate wallet files that I never bothered to make use of vanity addresses.

Actually, what would be really cool would be if one of the on-line wallets had a key import feature.  Especially Instawallet which I prefer due to it's privacy and pedigree.  I would trust an on-line wallet with significant value because it would be transient.  And it would be quite useful to not need to install any software on my computer (or the computer I happened to be using) at all.